Money or damage: What was the motive behind launching Petya?

Siliconreview Team
2017-07-05

Many organizations in Europe and USA have been affected by the ransomware known as Petya. This year, almost all of the large multinational companies were targeted by the cyber hackers and ransomware prevailed all over. But in recent news, security analysts have suggested that the description of Petya might not be appropriate. This malicious software’s code implies that the profit earned out of the ransomware might have been a camouflage for an act of cyber-espionage targeting the country, Ukraine.

The idea of ransomware works on a give-and-take formula: when the data is seized, the attackers’ demands for a ransom to retrieve the encrypted data and information. But if the attacker doesn’t fulfill their side of the bargain, it certainly implies that money wasn’t the motive. Now, considering Petya’s origin on Ukrainian soil, it is clearly evident that the motive behind the hacking was not to demand money but to damage those networks.

This is the idea that was advanced by several experts as more thorough research was conducted. According to some of the experts, in the year 2017, Petya appeared to have been slightly modified than last year’s attack to make the encoding of user data irreversible by overwriting the master boot record. This prevented attackers’ email to appear online, thus preventing ransoms being paid.

Though all this analysis are still roughly drawn from research and are based on incomplete information, it is not hard to guess that in the name of hacking and ransomware, the economy of a country is screwed over and there is a new reason now to back up old files, documents and data and store it in some safer places.